locked
a certificate could not be found that can be used with this extensible authentication protocol in PEAP policy config RRS feed

  • Question

  • Windows 2003 enterprise

    AD DC, DNS, DHCP, CA and IAS all are running from single server. But at the time of configuration of Remote Access Policy the error message of "a certificate could not be found that can be used with this extensible authentication protocol" is appeared. So with the help of mmc snap in the certificate was requested from CA (Domain Controller template)as a new certificate request and placed in the local computer personal folder. 

    After placing the certificate the error message was disappeared during configuring PEAP. 

    But after sometime the certificate was disappeared from remote access policy. But the same imported certificate was present in personal folder.

    What is reason for frequent disappearing?

    How to manage the situation?


    • Edited by Thiruna Saturday, May 3, 2014 6:56 PM
    Saturday, May 3, 2014 6:33 PM

Answers

  • Hi,

    I think the cause is that the DomainControllerAuthentication certificate has superseded the DomainController certificate which is chosen during the setup of IAS.

    To avoid this, if you’re going to install IAS on a Domain Controller, the DC should be made to enroll for a separate certificate from the template 'RAS and IAS Servers' before the IAS server is installed and this certificate should then be chosen for any PEAP setup.

    Further details:

    Enrolling Certificates with Templates

    http://technet.microsoft.com/en-us/library/dd197527(v=WS.10).aspx

    Configure the server certificate template

    http://technet.microsoft.com/en-us/library/cc755043(v=WS.10).aspx



    Steven Lee

    TechNet Community Support

    Wednesday, May 7, 2014 1:09 AM